Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MS_Net
New Contributor

Created on ‎10-02-2023 09:12 AM

Fortigate 201F firmware upgrade from 6.4.13 to 7.0.12 

 

Good afternoon,

 

After upgrading the Fortigate 201F firmware version, from 6.4.13 to 7.0.12, the existing configured VPN SSL Policies changed from enable to disable

 

Do you have any suggestion how to fix that? 

 

Upgrading to an earlier firmware version, like 7.2.5 will solve it? 

 

Thanks,

Labels:
318
0 Kudos
4 REPLIES 4
dbu
Staff
Staff

Created on ‎10-02-2023 10:56 AM

Hi @MS_Net ,

Thank you for reaching out. 
I believe you took a backup of the config before the upgrade from 6.4.13 to 7.0.12. And usually if you downgrade the firmware to 6.4.13 and you restore the same backup it should be on same state as you left it prior upgrade. 

Regarding "Upgrading to an earlier firmware version, like 7.2.5" , this is a later version than 7.0.12. 
You can try to upgrade and share the results. 

Regards!

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
300
0 Kudos
MS_Net
New Contributor
In response to dbu

Created on ‎10-03-2023 02:09 AM

Good afternoon, 

 

The Fortigate 201F had the firmware version 6.4.13, and with this version the existing configured VPN SSL Policies were all enable

 

Although, after upgrading the Fortigate 201F firmware version, from 6.4.13 to 7.0.12, the existing configured VPN SSL Policies changed from enable to disable

 

And they only became enable again, after the rollback from 7.0.12 to 6.4.13 version 

 

Do you have any suggestion how to fix that? 

 

Upgrading to an earlier firmware version, like 7.2.5 will solve it? 

 

Thanks,

273
0 Kudos
srajeswaran
Staff
Staff
In response to MS_Net

Created on ‎10-03-2023 02:52 AM

Upgrading to 7.2.5 will help only if it is a bug in 7.0.12 and the fix is available in 7.2.5. I did a quick search , but couldn't find any matching bugs.

 

Instead of an upgrade/downgrade during problem state, can we manually enable the policies? How many such policies are there ? May be you can download the config backup after upgrade and then use a text editor to change/replace disable to enable and then reload the configuration (please make sure only the policies are changed and no other settings changed enabled/disabled)

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

263
0 Kudos
MS_Net
New Contributor
In response to srajeswaran

Created on ‎10-03-2023 04:16 AM Edited on ‎10-03-2023 04:19 AM

Good afternoon, 

 

After upgrading the Fortigate 201F firmware version, from 6.4.13 to 7.0.12, the existing configured VPN SSL Policies changed from enable to disable

 

When we do the rollback from 7.0.12 to 6.4.13 version, the policies continue in disable, probably because the rollback "catches" those changes, made in 7.0.12 version, in the policies configuration, and "brings" them to the 6.4.13 version

 

Subsequently, we have to manually enable all of them, which is not viable, when there are many policies 

255
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.